Skip to content

Commit

Permalink
Merge pull request #202 from siemens/siemens/feat/small_documentation…
Browse files Browse the repository at this point in the history
…_fixes

Small documentation fixes
  • Loading branch information
uk-bolly authored Jan 30, 2024
2 parents 658e808 + 290318c commit 216de0a
Showing 1 changed file with 8 additions and 6 deletions.
14 changes: 8 additions & 6 deletions defaults/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -543,8 +543,10 @@ ubtu22cis_config_aide: true
## When Initializing aide this can take longer on some systems
# changing the values enables user to change to thier own requirements
ubtu22cis_aide_init:
async: 45 # Maximum Time in seconds
poll: 0 # Polling Interval in seconds
# Maximum Time in seconds
async: 45
# Polling Interval in seconds
poll: 0

## Control 1.3.2
# These are the crontab settings for periodical checking of the filesystem's integrity using AIDE.
Expand Down Expand Up @@ -597,7 +599,7 @@ ubtu22cis_set_boot_pass: false

ubtu22cis_grub_file: /boot/grub/grub.cfg

## 1.5.x
## Controls 1.5.x
# Ability to set file in which the kernel systcl changes are placed
ubtu22cis_sysctl_kernel_conf: /etc/sysctl.d/98_cis_kernel.conf

Expand Down Expand Up @@ -748,7 +750,7 @@ ubtu22cis_audit_back_log_limit: 8192
# This should be set based on your sites policy. CIS does not provide a specific value.
ubtu22cis_max_log_file_size: 10

## 4.1.3.x - Audit template
## Controls 4.1.3.x - Audit template
# This variable is set to true by tasks 4.1.3.1 to 4.1.3.20. As a result, the
# audit settings are overwritten with the role's template. In order to exclude
# specific rules, you must set the variable of form `ubtu22cis_rule_4_1_3_x` above
Expand Down Expand Up @@ -944,7 +946,7 @@ ubtu22cis_sugroup: nosugroup
# CIS requires a value of 5 or more.
ubtu22cis_pamd_pwhistory_remember: 5

# Control 5.4.2
## Control 5.4.2
# This can seriously break access to a system
## The end state the file /etc/pam.d/common-auth need to be understood
## If using external auth providers this will be very different
Expand All @@ -955,7 +957,7 @@ ubtu22cis_rule_5_4_2_faillock_config: |
auth [default=die] pam_faillock.so authfail
auth sufficient pam_faillock.so authsucc
# Control 5.4.4
## Control 5.4.4
# ubtu22cis_passwd_hash_algo is the hashing algorithm used
ubtu22cis_passwd_hash_algo: yescrypt # pragma: allowlist secret
# Set pam as well as login defs if PAM is required
Expand Down

0 comments on commit 216de0a

Please sign in to comment.